pgsql: Add missing connection validation in ECPG

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Andrew Dunstan <[email protected]>
To: [email protected]
Subject: pgsql: Add missing connection validation in ECPG
Date: Fri, 01 May 2026 19:18:14 +0000
Message-ID: <[email protected]> (raw)

Add missing connection validation in ECPG

ECPGdeallocate_all(), ECPGprepared_statement(), ECPGget_desc(), and
ecpg_freeStmtCacheEntry() could crash with a SIGSEGV when called
without an established connection (for example, when EXEC SQL CONNECT
was forgotten or a non-existent connection name was used), because
they dereferenced the result of ecpg_get_connection() without first
checking it for NULL.

Each site is fixed in the style of the surrounding code.

New tests are added for these conditions.

Author: Shruthi Gowda <[email protected]>
Reviewed-by: Tom Lane <[email protected]>
Reviewed-by: Fujii Masao <[email protected]>
Reviewed-by: Mahendra Singh Thalor <[email protected]>
Reviewed-by: Nishant Sharma <[email protected]>
Discussion: https://postgr.es/m/[email protected]
Backpatch-through: 14

Branch
------
REL_18_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/e2688ea5e411e3ff995c95dd207d1e1911142b8a

Modified Files
--------------
src/interfaces/ecpg/ecpglib/descriptor.c           |  12 +-
src/interfaces/ecpg/ecpglib/prepare.c              |  32 +++--
src/interfaces/ecpg/test/connect/.gitignore        |   2 +
src/interfaces/ecpg/test/connect/Makefile          |   3 +-
src/interfaces/ecpg/test/connect/meson.build       |   1 +
src/interfaces/ecpg/test/connect/test6.pgc         |  68 ++++++++++
src/interfaces/ecpg/test/ecpg_schedule             |   1 +
src/interfaces/ecpg/test/expected/connect-test6.c  | 146 +++++++++++++++++++++
.../ecpg/test/expected/connect-test6.stderr        |  50 +++++++
.../ecpg/test/expected/connect-test6.stdout        |   9 ++
10 files changed, 312 insertions(+), 12 deletions(-)

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected]
  Subject: Re: pgsql: Add missing connection validation in ECPG
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox